Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-32756

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00271EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47823

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.01152EPSS
Exploits0References1
CVE
CVE
added 2025/09/11 5:26 p.m.28 views

CVE-2025-43782

The CVE-2025-43782 entry covers an Insecure Direct Object Reference (IDOR) in Liferay Portal/DXP where the workflow-definition API exposes resources by name, enabling remote authenticated users to access workflow definitions without proper authorization. Affected products/versions include Liferay...

5.3CVSS6.4AI score0.00234EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2025/09/10 9:30 p.m.4 views

GHSA-FVP7-JJ9M-3QPF Liferay Portal's Incorrect Authorization vulnerability can lead to guest users to obtaining sensitive data

An Improper Access Control vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.8, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows guest users to obtain object entry information via the API Builder...

6.2CVSS6.3AI score0.00238EPSS
Exploits0References5
CVE
CVE
added 2025/09/09 3:0 a.m.21 views

CVE-2025-43777

CVE-2025-43777 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP versions 2025.Q1.0–2025.Q2.9 (and earlier 2024.Q1.1–2024.Q4.7, 2024.Q2.0–2024.Q2.13, 2024.Q3.0–2024.Q3.13). The issue: an Internal Server Error is exposed in the login response when a request uses a deleted Client Secret. Root ...

5.3CVSS6.4AI score0.00216EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2024/07/22 9:15 p.m.3 views

CVE-2024-6791

A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file. This vulnerability affects VeriStand 2024 Q2 and prior versio...

7.8CVSS6.1AI score0.00458EPSS
Exploits0References1
NVD
NVD
added 2024/07/22 9:15 p.m.23 views

CVE-2024-6794

A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions...

9.8CVSS0.01152EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 9:3 p.m.24 views

CVE-2024-6806 Missing Authorization Checks In NI VeriStand Gateway For Project Resources

The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project resources. These missing checks may result in remote code execution. This affects NI VeriStand 2024 Q2 and prior versions...

9.8CVSS0.01019EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 9:0 p.m.16 views

CVE-2024-6805 Missing Authorization Checks in NI VeriStand Gateway for File Transfer Resources

The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. These missing checks may result in information disclosure or remote code execution. This affects NI VeriStand 2024 Q2 and prior versions...

7.5CVSS0.00954EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 9:0 p.m.53 views

CVE-2024-6805

The CVE-2024-6805 entry concerns NI VeriStand Gateway missing authorization checks when an actor accesses File Transfer resources (IFileTransferServer / ProjectServer surface). Affected product: NI VeriStand 2024 Q2 and prior versions. Impact stated in sources includes information disclosure and ...

9.8CVSS7.5AI score0.00954EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/22 8:47 p.m.14 views

CVE-2024-6793 Deserialization of Untrusted Data in NI VeriStand DataLogging Server

A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. Successful exploitation requires an attacker to send a specially crafted message. These vulnerabilities affect NI VeriStand 2024 Q2 and prior versions...

9.8CVSS9.8AI score0.01193EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 8:38 p.m.29 views

CVE-2024-6791 Directory Path Traversal Vulnerability in NI VeriStand with vsmodel Files

A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file. This vulnerability affects VeriStand 2024 Q2 and prior versio...

7.8CVSS0.00458EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/22 8:38 p.m.14 views

CVE-2024-6791 Directory Path Traversal Vulnerability in NI VeriStand with vsmodel Files

A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .vsmodel file. This vulnerability affects VeriStand 2024 Q2 and prior versio...

7.8CVSS7.5AI score0.00458EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 8:1 p.m.38 views

CVE-2024-6675

CVE-2024-6675 describes a deserialization of untrusted data vulnerability in NI VeriStand, specifically in the NIVSPRJ/project-file parsing. The underlying flaw is deserializing data from a crafted project file during processing of NIVSPRJ elements, which can lead to remote code execution. Exploi...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 8:1 p.m.21 views

CVE-2024-6675 Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File

A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior versions...

7.8CVSS0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/22 8:1 p.m.12 views

CVE-2024-6675 Deserialization of Untrusted Data Vulnerability in NI VeriStand Project File

A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects VeriStand 2024 Q2 and prior versions...

7.8CVSS7.6AI score0.00396EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.3 views

PT-2024-37868 · National Instruments · Ni Veristand

Name of the Vulnerable Software and Affected Versions: NI VeriStand versions prior to 2024 Q2 Description: A deserialization of untrusted data issue exists in the NI VeriStand Waveform Streaming Server, potentially leading to remote code execution. Successful exploitation requires an attacker to...

9.8CVSS8AI score0.01152EPSS
Exploits0References5
Rows per page
Query Builder